CVE-2024-8190CISA KEVEPSS p99.8%

CVE-2024-8190Ivanti Cloud Services Appliance OS Command Injection Vulnerability

Ivanti / Cloud Services Appliance

Description

Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.

Scoring

EPSS88.95% probability of exploitation · percentile 99.8% · 2026-06-17T12:03:21Z

CISA KEV entry

Added to KEV: 2024-09-13

(incoming)1

TypeTargetConfidenceTier
KEVEntryIvanti Cloud Services Appliance OS Command Injection Vulnerabilitykev-cve-2024-81900%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability
CVE
Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability
CVE
Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability
CVE
Ivanti Connect Secure and Policy Secure Command Injection Vulnerability
CVE
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
CVE
CVE-2026-8111
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.